An Ounce of Prevention

If you’re a friend, colleague, or client of mine, you probably run some kind of antivirus software. It’s a Good Idea™ in Mac OS and an Absolute Necessity™ if you’re running Windows. I don’t want to diminish the importance of antivirus software. Install it, run it, and keep it updated. Unfortunately, malicious software can still sometimes get through the cracks. So what are the cracks and how do we fill them?

First the cracks. Software. All of the software on your computer is imperfect. Most of the imperfections are benign. Some of the imperfections may allow unauthorized parties to make your computer behave unexpectedly. These imperfections are called, “Vulnerabilities.” The worst vulnerabilities can be exploited to allow unauthorized people to run software on your computer without your permission. Such exploits and vulnerabilities are discovered all of the time. Take a look at a single week’s worth.

Now, the glue. Software vendors work diligently to fix these bugs as they are discovered. It’s your job to install their patches. In decreasing order of importance, you should keep the following things up-to-date on your computer:

Your web browser. Firefox, Safari, Internet Explorer, Chrome, or whatever web browser you use, it’s the first part of your computer to come into contact with the internet. All of those browsers have had high-severity exploits discovered, and all are regularly updated and patched by their authors. Check and apply those updates regularly too.

The rest of your software. Microsoft Office, Acrobat, Photoshop and others have all been exploited. Check with those vendors too.

That’s a lot to check. Fortunately there are nerds out there who care about you and have developed free tools to help you keep yourself safe.

On the Mac, after enabling automatic updates from Apple, I use AppFresh by Metaquark to scan my computer for out-of-date software. It’s free and it’s easy to use.

On Windows, after enabling automatic updates from Microsoft, I use the Personal Software Inspector (PSI) by Secunia to keep my software healthy. Secunia PSI can run almost entirely automatically. It’s a breeze to run and it does a great job.

If you need help with any of these ideas or processes, please don’t hesitate to contact your friendly neighborhood Feedwire nerd. Happy updating!